Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 8.0  Security Vulnerabilities
CVE-2017-5974
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-03-01
CVE-2017-5975
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-03-01
CVE-2017-5976
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-03-01
CVE-2016-9559
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVSS Score
6.5
EPSS Score
0.01
Published
2017-03-01
CVE-2017-5946
The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.
CVSS Score
9.8
EPSS Score
0.059
Published
2017-02-27
CVE-2017-5669
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-02-24
CVE-2017-6298
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
CVSS Score
7.8
EPSS Score
0.003
Published
2017-02-24
CVE-2017-6299
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-24
CVE-2017-6300
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
CVSS Score
7.8
EPSS Score
0.003
Published
2017-02-24
CVE-2017-6301
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-02-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved